A Django app to private security.txt details

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for peter.gastinger from gravatar.com peter.gastinger

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Project description

https://securitytxt.org/ A proposed standard which allows websites to define security policies. https://tools.ietf.org/html/draft-foudil-securitytxt-10#section-3.5.3

based on: https://adamj.eu/tech/2020/06/28/how-to-add-a-well-known-url-to-your-django-site/

Quick start

  1. Add “polls” to your INSTALLED_APPS setting like this:

    INSTALLED_APPS = [
    ...
    'wellknown_security',
]

  2. Include the polls URLconf in your project urls.py like this:

    from django.conf.urls import include
...
path('.well-known/', include('wellknown_security.urls')),

  3. Add at least the contact info (either value is fine, can be multiple or just a single one) to settings.py

    Contact:

    WELLKNOWN_SECURITY_CONTACT = (
  'mailto:security@example.com',
  'mailto:security%2Buri%2Bencoded@example.com',
  'tel:+1-201-555-0123',
  'https://example.com/security-contact.html'
)

    other values can be added as well, e.g

    Encryption:

    WELLKNOWN_SECURITY_ENCRYPTION = (
  'https://example.com/pgp-key.txt',
  'dns:5d2d37ab76d47d36._openpgpkey.example.com?type=OPENPGPKEY',
  'openpgp4fpr:5f2de5521c63a801ab59ccb603d49de44b29100f'
)

  4. Start the development server and visit http://127.0.0.1:8000/.well-known/security.txt to check the results

    Output:

    Contact: mailto:security@example.com
Contact: mailto:security%2Buri%2Bencoded@example.com
Contact: tel:+1-201-555-0123
Contact: https://example.com/security-contact.html

Encryption: https://example.com/pgp-key.txt
Encryption: dns:5d2d37ab76d47d36._openpgpkey.example.com?type=OPENPGPKEY
Encryption: openpgp4fpr:5f2de5521c63a801ab59ccb603d49de44b29100f

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for peter.gastinger from gravatar.com peter.gastinger

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Release history Release notifications | RSS feed

This version

0.16

0.15

0.14

0.13

0.11

0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-wellknown-security-0.16.tar.gz (6.0 kB view details)

Uploaded Source

File details

Details for the file django-wellknown-security-0.16.tar.gz.

File metadata

  • Download URL: django-wellknown-security-0.16.tar.gz
  • Upload date:
  • Size: 6.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/44.0.0 requests-toolbelt/0.9.1 tqdm/4.49.0 CPython/3.8.2

File hashes

Hashes for django-wellknown-security-0.16.tar.gz
Algorithm Hash digest
SHA256 f36d116b0a176dd347b2c71ec97842452995d8c79715c40bdbaf60d3b871cbd0
MD5 4be5c8650d4957a6d135701551414e47
BLAKE2b-256 b28b9db182fa55e7f52a200822ff9d1172dc941bc39b943948fcc1bee0fc42e5

See more details on using hashes here.

Provenance

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page